package cn.uin.domain.auth.service.user.login.phone;

import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;

import java.util.Collection;

/**
 * @ClassName EmaillCodeAuthenticationToken
 * @Description:短信登录身份验证令牌
 * @Author: Administrator
 * @CreateDate: 2025/10/31 11:01
 * @Version: 1.0
 */
public class PhoneCodeAuthenticationToken extends AbstractAuthenticationToken {

	/**
	 * 这里的 principal 指的是 email 地址（未认证的时候）
	 */
	private final Object principal;

	/**
	 没经过身份验证时，初始化权限为空，setAuthenticated(false)设置为不可信令牌
	 */
	public PhoneCodeAuthenticationToken(Object principal) {
		super(null);
		this.principal = principal;
		setAuthenticated(false);
	}

	/**
	 经过身份验证后，将权限放进去，setAuthenticated(true)设置为可信令牌
	 */
	public PhoneCodeAuthenticationToken(Object principal, Collection<? extends GrantedAuthority> authorities) {
		super(authorities);
		this.principal = principal;
		super.setAuthenticated(true); // must use super, as we override
	}

	@Override
	public Object getCredentials() {
		return null;
	}

	@Override
	public Object getPrincipal() {
		return this.principal;
	}
}
